DP World - Security Analyst Manager

Urgent Requirement - Security Analyst

Working Location - Andheri

CTC - max 25 LPA

Experience required - 5 - 10 yrs

Working Days - 5 days

Designation - Manager

Purpose of the Job:

- To keep up to date with security trends, threats and control measures.

- To assist in technical vulnerability assessments of IT systems and processes, identifying potential vulnerabilities, to make recommendations to control any risks identified and follow-up for closure.

- He should monitor activities as per security plan for all the locations and assist in internal audit. Interact with all stakeholders to ensure the closure.

- Conduct Risk Assessment with help of IT Security Manager

- Assist in standardization of Inventory of authorized and unauthorized devices - That can include specific lists of device models that are allowed or banned, or lists of criteria devices must meet before they're allowed on the network.

- Assist in standardization of Inventory of authorized and unauthorized software - Likewise, organizations should know what software is allowed on their systems and have a way to monitor for applications that aren't allowed.

- Secure configurations for hardware and software - Ensure and random check of all devices, including PCs, laptops, mobile devices and servers, be properly configured as per hardening guidelines to prevent cyber attacks.

- Ensure Secure configurations for network devices - Likewise, Ensure and random check of routers, firewalls, switches and other networking devices be properly configured to protect against cyber attacks.

- Continuous vulnerability assessment and remediation - he should conduct the automated vulnerability testing to scan for security holes on at least quarterly basis. Follow-up to ensure closure and report to Security Head.

- Defenses against malware - Ensure all infrastructure devices have protection against malware.

- Secure web applications - Ensure security controls are present in applications.

- Whitelisting of Software

- Secure wired/ wireless devices - Monitor traffic on wired/ wireless networks and assist network admins to implement enterprise-level security controls to protect access points, as well as create awareness to ensure safe internet/ Wi-Fi use among employees.

- Data recovery- Random check of backup and restoration testing related controls.

- Monitor and ensure information security awareness training done for all employees and contracted employees.

- Control of ports and services - Check and ensure default ports and services are blocked or alternative controls are implemented.

- Controlled administrative privileges - Random check of administrative privileges

- Facilitate user access review and monitor ISMS metrics

- Boundary defenses - Research and suggest admins in blacklisting mail id and ip addresses.

- Assist in security solution implementation

- Monitoring and analysis of audit logs

- Assist in implementing controls against data loss

- Random check of implemented controls mentioned in information security policy and accompanying standards, procedures and guidance

- To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken

- Respond to enquiries from staff and provide security advice as required

- Work with internal stakeholders to develop relationships to help promote and improve information security